[Forgot Password]
Login  Register Subscribe

24128

 
 

131615

 
 

112965

 
 

909

 
 

87854

 
 

136

Paid content will be excluded from the download.


Download | Alert*
OVAL

RHSA-2018:0592-01 -- Redhat slf4j

ID: oval:org.secpod.oval:def:502255Date: (C)2018-03-27   (M)2018-09-13
Class: PATCHFamily: unix




The Simple Logging Facade for Java or is a simple facade for various logging APIs allowing the end-user to plug in the desired implementation at deployment time. SLF4J also allows for a gradual migration path away from Jakarta Commons Logging . Security Fix: * slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution For more details about the security issue, including the impact, a CVSS score, and other related information, refer to the CVE page listed in the References section. Red Hat would like to thank Chris McCown for reporting this issue.

Platform:
Red Hat Enterprise Linux 7
Product:
slf4j
Reference:
RHSA-2018:0592-01
CVE-2018-8088
CVE    1
CVE-2018-8088
CPE    6
cpe:/a:slf4j:slf4j
cpe:/a:redhat:jboss_enterprise_application_platform:6.0.0
cpe:/o:redhat:enterprise_linux:7
cpe:/o:redhat:enterprise_linux_workstation:7.0
...

© SecPod Technologies